CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: jbd2: Check ‘jh-btransaction’ before removing it from the checkpoint. The following process will corrupt the ext4 image: Step 1: jbd2journalcommittransaction jbd2journalinsertcheckpointjh, committransaction // Place jh into...

5.5CVSS5.9AI score0.00017EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: Fixed to ensure that compressed blocks are persisted during checkpointing. If the data block in a compressed cluster is not persisted with metadata during a checkpoint, after SPOR, the data may become corrupted. W...

5.5CVSS5.8AI score0.00019EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘f2fs: block cache/dio write during f2fsenablecheckpoint’” This issue is resolved through commit 196c81fdd438f7ac429d5639090a9816abb9760a. The original patch might cause a deadlock; therefore, it should be reverted. Chang...

5.5CVSS5.7AI score0.00015EPSS

NVD•added 2026/05/14 4:16 p.m.•8 views

CVE-2026-44504

Aegra is a drop-in replacement for LangSmith Deployments. Prior to 0.9.7, with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated attacker, given another user's threadid, can execute graph runs against the user's thread, read the user's full...

8.6CVSS0.00014EPSS

EUVD•added 2026/05/14 3:52 p.m.•2 views

EUVD-2026-30322

ATTACKERKB•added 2026/05/14 3:52 p.m.•1 views

CVE-2026-44504

Exploits0References2Affected Software1

Vulnrichment•added 2026/05/14 3:52 p.m.•2 views

CVE-2026-44504 Aegra: Cross-user run injection in /threads/{thread_id}/runs (IDOR)

Cvelist•added 2026/05/14 3:52 p.m.•31 views

CVE-2026-44504 Aegra: Cross-user run injection in /threads/{thread_id}/runs (IDOR)

8.6CVSS0.00014EPSS

CNNVD•added 2026/05/14 12:0 a.m.•4 views

Aegra 授权问题漏洞

Aegra is a large-scale model application platform developed by Aegra Corporation, designed for building and orchestrating multi-step intelligent agent processes. Versions of Aegra prior to 0.9.7 contained an authorization vulnerability. This vulnerability stemmed from multiple authenticated users...

RedhatCVE•added 2026/05/13 2:21 p.m.•2 views

CVE-2026-31214

The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 2025-20-27 contains an insecure deserialization vulnerability CWE-502. The script uses torch.load to process PyTorch checkpoint files .pt without enabling the security-restrictiv...

9.8CVSS6.3AI score0.00513EPSS

GithubExploit•added 2026/05/13 8:29 a.m.•49 views

unverified_exploits

Unverified Exploits - Rule-Based Exploit Generation & Testing...

5.8AI score

Exploits0

RedhatCVE•added 2026/05/12 8:21 p.m.•4 views

CVE-2026-31250

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its averagemodel.py model averaging tool. The script loads PyTorch checkpoint files epoch.pt for model averaging using torch.load without enabling the...

7.3CVSS6.1AI score0.00047EPSS

RedhatCVE•added 2026/05/12 8:21 p.m.•4 views

CVE-2026-31253

The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 2025-13-04 contains an insecure deserialization vulnerability CWE-502 in its checkpoint loading mechanism. The loadcheckpoint function in checkpoint.py and the checkpoint loading code in eval.py use...

7.3CVSS6.1AI score0.00047EPSS